UMass Amherst Settles HIPAA Violation for $650,000 and Corrective Action.

In 2003, the University of Massachusetts – Amherst (UMass Amherst) was embroiled in a health data security breach. A workstation computer was infected with malware, leading to a HIPAA violation involving patient data for 1,670 people. Skip to three years later, and UMass Amherst has settled legal actions related to the breach, brought by the […] read more

California Amends Data Breach Notification For Encrypted Data.

Beginning on January 1, 2017, organizations in California cannot automatically assume that personal details are safe if they were encrypted at the time of a data breach. This, in turn, means that businesses and other organizations will have to give some thought as to whether a data breach must be made public.   Encrypted Personal […] read more

Habitat For Humanity Data Breach Affects 5000+ People.

Habitat for Humanity, the charity that builds affordable housing across the globe for the underprivileged, was found to be leaking sensitive information online, according to dailydot.com. Over 400 gigabytes of information – including detailed information on approximately 4,600 people – was left unsecured in the cloud. (More specifically, it was Habitat for Humanity Michigan.) The […] read more

Cloud Services: Will It Be There When You Need It?.

How much should you (or can you) trust the cloud to be there when you need it? Last week, the top US internet sites went dark, on and off, for a couple of hours or so due to a historically unprecedented denial of service attack (DDoS). Over the past week, we’ve learnt that the assault […] read more

California Accountants Hacked To File Fraudulent Tax Returns.

Time has shown that all types of businesses are targets for hacking. The big ones, because they have money. The small and medium-sized businesses, because they have money, although less of it than big enterprises. Stories of phishing or hacking into computers that host electronic banking activities have popped up in the news frequently. Here’s […] read more

TrueCrypt Users Being Infected With Malware “StrongPity”.

It’s not often than abandoned software makes news, but never say never. Apparently, certain hackers are distributing installers for TrueCrypt and WinRAR – respectively, a discontinued encryption program and a file compression tool – that have been infected with malware called “StrongPity”. The problem for people who are affected by the malware is that the […] read more

Yahoo: 2 Years Late In Announcing Data Breach, Decided Not To Improve Security.

Yahoo is full of surprises as of late. Just last week, the company revealed that they had a massive data breach in 2014 – a situation made more scandalous because it was the media, not the company responsible, that spilled the beans. The scandal then grew larger when it was revealed that Yahoo had been […] read more

Another Site Leaks Plaintext Passwords, Runs Afoul of COPPA.

The site arstechnica.com is reporting that i-Dressup not only experienced a data breach – over 2.2 million affected – but has been slow as molasses in responding to Ars’s emails that they have been hacked or, more importantly, fixing the vulnerability that lead to the security failure. Perhaps we shouldn’t be surprised, merely exasperated, that […] read more

IRS Hacked, 101K PINs For Electronic Tax Filing Stolen (aka, What’s New?).

According to csoonline.com, the IRS had to block unknown persons or person who was downloading a massive trove of PINs used for electronic tax filing: The attack occurred in January and targeted an IRS Web application that taxpayers use to obtain their so-called Electronic Filing (E-file) PINs. The app requires taxpayer information such as name, […] read more